1. Field of the Invention
This invention relates to authorizing changes and more particularly relates to securely authorizing changes to a transaction restriction.
2. Description of the Related Art
Payment instruments such as radio frequency identification (RFID) tags, Smart Card® electronic cards, and cards with magnetic stripes are often used to electronically transact payments. For example, a user may pay for a soft drink at a vending machine using an RFID tag that authorizes payment from a user financial account to the an account for an owner of the vending machine. Similarly, the user may pay for an airline ticket using a credit card configured with a security processor.
The payment instrument may have a transaction restriction. For example, the RFID tag may be limited to payments totaling $100 or less during a week. Similarly, the credit card may be limited to authorizing $1,000 in online purchases in a month.
Transaction restrictions limit losses if a payment instrument is fraudulently employed. Continuing the example above, if the user's RFID tag is stolen, the user's monetary loss may be limited to $100 as the user may cancel the RFID tag before more than $100 is expended.
Unfortunately, the user may reach a limit of a transaction restriction for a payment instrument and still desire to transact additional payments using the payment instrument. For example, the user may make payments totaling $95 with the RFID tag over two days, and still want to purchase meals and the like using the RFID tag over the remainder of the week.
The user may conveniently authorize changes to transaction restrictions through the Internet. However, allowing online transaction restriction changes puts the user at risk if passwords and/or account numbers for the payment instrument are also lost and/or stolen along with the payment instrument.